II. DESCRIPTION
----------------------
In versions prior to 2.1.0 of VeraxNMS, the server-side component
eadministratorconsole-core-1.5.2.jar, contains a method named
decryptPassword(). This method provides the functionality
to decrypt a user's password using an implementation of RSA.
Within com.veraxsystems.eadministratorconsole.remote.service.impl,
it has been discovered that decryptPassword() uses a static,
hardcoded private key to facilitate this process. As a result,
these passwords should be considered insecure due to the fact
that recovering the private key is decidedly trivial.